Skip to content
This repository was archived by the owner on Jan 23, 2023. It is now read-only.

Remove a few allocations from SslStream #22304

Merged
stephentoub merged 2 commits into from
Jul 17, 2017
Merged

Remove a few allocations from SslStream #22304

stephentoub merged 2 commits into from
Jul 17, 2017

Conversation

@stephentoub
Copy link
Member

@stephentoub stephentoub commented Jul 16, 2017

Minor, as they only affect the AuthenticateAsClient/Server paths, which generally happen only once per stream, but every little bit helps:

  • If no client certificates are provided, the code is currently allocating an empty collection. That's not necessary.
  • Begin and End delegates are currently being allocated for each call. We can avoid that by passing this in as instance state.

cc: @geoffkizer, @Drawaes, @CIPop

@stephentoub
Remove unnecessary X509CertificateCollection allocations
50411ea
@stephentoub
Avoid delegate allocations per AuthenticateAs call in SslStream
abb7a63 
Each call is allocating a delegate for the Begin and End method.  We can avoid that by passing `this` in as state.
@karelz karelz modified the milestone: 2.1.0 Jul 16, 2017
Drawaes
Drawaes reviewed Jul 16, 2017
View reviewed changes
src/System.Net.Security/src/System/Net/Security/SecureChannel.cs
else
{
if (ClientCertificates.Count == 0)
if (_clientCertificates == null || _clientCertificates.Count == 0)
Copy link

@Drawaes Drawaes Jul 16, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be a good idea to flip the if and change to if(_clientCertificates?.Count > 0) ?

Copy link
Member Author

@stephentoub stephentoub Jul 16, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why would that be better?

Copy link
Contributor

@JonHanna JonHanna Jul 16, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since the if and else have code in common, the common could be moved out of the branch to

if (NetEventSource.IsEnabled) NetEventSource.Log.NoDelegateNoClientCert(this);
if (ClientCertificates.Count == 0)
{
    sessionRestartAttempt = true;
}

(Assuming NoDelegateNoClientCert doesn't side-effect on ClientCertificates which I haven't checked. Not a big impact, but if one was going to refactor the if, I'd say do that rather than flipping it.

Copy link

@Drawaes Drawaes Jul 16, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are right (never attempt a review on a mobile phone). So I am looking at the code on my computer now, this isn't the method I am really worried about. It's more the next one AcquireClientCredentials that is many pages long, and nested a number of levels deep. It looks a bit "openssl". So I have no problem with the changes in general, just wondering if while this is being looked at if this could be refactored in some way. Anyway the changes you have made look good and are an improvement.

Copy link
Member Author

@stephentoub stephentoub Jul 16, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, thanks. I wasn't planning to do any refactoring as part of this change. There's plenty of it that can and should be done later :)

@geoffkizer
Copy link

geoffkizer commented Jul 16, 2017

LGTM

@stephentoub stephentoub merged commit 96dbafb into dotnet:master Jul 17, 2017
@stephentoub stephentoub deleted the remove_ssl_allocs branch July 17, 2017 15:27
pjanotti pushed a commit to pjanotti/corefx that referenced this pull request Jul 20, 2017
@stephentoub
Remove a few allocations from SslStream (dotnet#22304)
dc49de3 
* Remove unnecessary X509CertificateCollection allocations

* Avoid delegate allocations per AuthenticateAs call in SslStream

Each call is allocating a delegate for the Begin and End method.  We can avoid that by passing `this` in as state.
@stephentoub stephentoub mentioned this pull request Aug 19, 2017
Closed
picenka21 pushed a commit to picenka21/runtime that referenced this pull request Feb 18, 2022
@stephentoub
Remove a few allocations from SslStream (dotnet/corefx#22304)
d87103e 
* Remove unnecessary X509CertificateCollection allocations

* Avoid delegate allocations per AuthenticateAs call in SslStream

Each call is allocating a delegate for the Begin and End method.  We can avoid that by passing `this` in as state.


Commit migrated from dotnet/corefx@96dbafb
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

2 more reviewers

@JonHanna JonHanna JonHanna left review comments

@Drawaes Drawaes Drawaes left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@stephentoub stephentoub

Labels

area-System.Net.Security

Projects

None yet

Milestone

2.1.0

Development

Successfully merging this pull request may close these issues.

6 participants

@stephentoub @geoffkizer @JonHanna @Drawaes @karelz @dnfclas